{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eac17cb1-b1ff-5a89-b967-bb295327e9cd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2", "type": "library", "group": "io.netty", "name": "netty-codec", "version": "4.1.92.Final-tuxcare.2", "purl": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:52ea8d0f-4963-5ff2-8322-546630470a0a", "id": "CVE-2023-34462", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-34462 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:975f9adb-3c2a-54d2-84e6-ecad7f2be62b", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10ae5453-08af-5f58-a6f1-07fb162d4bb4", "id": "CVE-2023-4586", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2023-4586 is a false positive for io.netty:netty-codec 4.1.92.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5f178a3-442e-5a58-8197-80085ca43c37", "id": "CVE-2024-29025", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29025 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46f77fe1-0691-5112-8485-e5098031fdff", "id": "CVE-2024-47535", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-47535 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0c2405c-ba08-5c0e-9db7-b2222a254689", "id": "CVE-2025-24970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-24970 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b57fdfae-d719-5f61-b038-2e00c2dc9c7a", "id": "CVE-2025-25193", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-25193 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:112d678a-d670-55de-8418-bcbda4dd2fcc", "id": "CVE-2025-55163", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-55163 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ab1f3a3-03c1-51bb-8ea1-07806628a17f", "id": "CVE-2025-58056", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-58056 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55cb54af-17f5-51ab-a0ff-6dc7bc1128cd", "id": "CVE-2025-58057", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-58057 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cbbac06-d773-5c76-ad91-6c69f81503e9", "id": "CVE-2025-59419", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-59419 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f95f56a-02fd-57d1-afde-2c7b18862165", "id": "CVE-2025-67735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-67735 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c6e6758-7db8-5c06-87c3-bb4d06bd799e", "id": "CVE-2026-33870", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-33870 is fixed in version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fdd3554-5c4f-5e53-82a7-e431aaf30493", "id": "CVE-2026-33871", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33871 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:532edf51-fe21-51a0-9db0-90abfb3abaa9", "id": "CVE-2026-41417", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41417 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c98b4ab-ca09-54e6-902b-e11889147e06", "id": "CVE-2026-42577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42577 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f65aaa7-13f1-56bc-8b0d-c38ca2dc9a95", "id": "CVE-2026-42578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42578 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88632ee4-155c-547e-adf6-0bbf1f55575a", "id": "CVE-2026-42579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42579 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93409553-c96c-5430-9f56-b756fed78828", "id": "CVE-2026-42580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42580 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25d0229c-b21d-5839-a930-c91c5a264d72", "id": "CVE-2026-42581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42581 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b5a9355-4bca-500f-9147-e01213f3c2fe", "id": "CVE-2026-42584", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42584 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d38d56de-56b8-55ab-956e-280f8df2ab38", "id": "CVE-2026-42585", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42585 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6cb79fd-76d1-548a-a0ae-5f0ff22db34a", "id": "CVE-2026-42586", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42586 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e4f783f-777a-5d4f-945d-45d67c38cc47", "id": "CVE-2026-42587", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-42587 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ada839b-579f-5bd1-b07a-2f03c5fb6ce2", "id": "CVE-2026-44248", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44248 affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d7214f2-f2dd-51f4-a836-db61771afac7", "id": "GHSA-xpw8-rcwv-8f8p", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-xpw8-rcwv-8f8p affects version 4.1.92.Final-tuxcare.2 of io.netty:netty-codec." }, "affects": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.netty/netty-codec@4.1.92.Final-tuxcare.2" } ] }